file[.]dll | Triage

Sharing

Copy URL

Twitter E-mail

General

Target

file.dll
Size

362KB
MD5

3969d9062eb2daef1872aaf898636f08
SHA1

7922117847dcda90de4d8fbaaa5613076b959115
SHA256

7ce0babea43a0eca93ed5458b77df1cd695f672e8dd784d8ff0af777b66e7865
SHA512

c88f6d7f3cea5dbc8341ad4a7f6c6fc197a6b9f30b807a2eb61ab9cf33d3f607f4ddd04e91eb461edf9842062319f60bbdf6d9f964f3fc20748c748734437bf4
SSDEEP

3072:QmNJTdnsnRNulFiOxyioF2XfSGXbR4cFekbhO6r253I0rSis6bGCKLb1TASh8mU+:2MtTX3hdrCk6bGRL5TASh8mUUJaM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
file.dll

Files

file.dll
.dll regsvr32 windows x86

673e6604008da3fe065f3363f8a3b4cd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_Create
ord8
ImageList_AddMasked
ImageList_GetImageCount
ord6
PropertySheetA
ImageList_Destroy
ImageList_LoadImageA
InitCommonControlsEx
CreatePropertySheetPageA
ImageList_Draw
DestroyPropertySheetPage

kernel32

GetStringTypeA
LCMapStringW
LCMapStringA
InitializeCriticalSectionAndSpinCount
GetLocaleInfoA
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
HeapDestroy
HeapCreate
HeapSize
HeapReAlloc
IsValidCodePage
GetOEMCP
GetACP
GetStringTypeW
ExitProcess
Sleep
GetStdHandle
WriteFile
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetCommandLineA
VirtualQuery
GetSystemInfo
GetModuleHandleW
VirtualProtect
CreateThread
ExitThread
RtlUnwind
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetFilePointer
GetConsoleCP
LoadLibraryExA
SizeofResource
WideCharToMultiByte
GetModuleFileNameA
MultiByteToWideChar
GetModuleHandleA
InitializeCriticalSection
SetLastError
lstrcmpA
FlushFileBuffers
IsDBCSLeadByte
lstrlenW
GetConsoleMode
lstrcpynW
GlobalAlloc
GetProfileStringA
lstrcmpiA
GetCurrentProcess
FlushInstructionCache
lstrcpynA
GetCurrentProcessId
FindResourceA
LoadResource
LockResource
DeleteCriticalSection
CreateFileA
ReadFile
FindFirstFileA
FileTimeToSystemTime
GetDateFormatA
GetTimeFormatA
lstrcatA
FindClose
CloseHandle
GlobalUnlock
GlobalFree
GetVersionExA
GetProcAddress
GetLastError
LoadLibraryA
FreeLibrary
lstrcpyA
InterlockedDecrement
InterlockedIncrement
lstrlenA
MulDiv
GlobalLock
EnterCriticalSection
GetCurrentThreadId
LeaveCriticalSection
RaiseException
GetCPInfo

user32

OffsetRect
GetScrollInfo
SetScrollPos
InflateRect
SetRectEmpty
PtInRect
GetClassNameA
CallNextHookEx
GetSystemMetrics
GetWindowDC
SendDlgItemMessageA
GetClassInfoExA
LoadCursorA
RegisterClassExA
ScrollWindowEx
DeleteMenu
EnableMenuItem
RegisterWindowMessageA
TrackPopupMenuEx
ModifyMenuA
DrawEdge
WindowFromPoint
GetSysColorBrush
FrameRect
GetKeyState
GetWindowThreadProcessId
CharLowerA
IsWindowEnabled
GetFocus
UnhookWindowsHookEx
SetWindowsHookExA
LoadBitmapA
LoadStringW
EndDialog
DialogBoxParamA
PostQuitMessage
LoadAcceleratorsA
SetScrollInfo
CharNextA
wvsprintfA
GetMenuStringA
IsMenu
DrawFrameControl
GetMessagePos
GetMenuItemCount
GetSubMenu
SetWindowLongA
GetWindowLongA
GetWindow
SystemParametersInfoA
MapWindowPoints
ScreenToClient
SetDlgItemInt
CreateWindowExA
InvalidateRect
UpdateWindow
GetDlgItem
wsprintfA
SetDlgItemTextA
EndPaint
BeginPaint
GetSysColor
DrawTextA
GetClipboardData
OpenClipboard
CopyImage
SetClipboardData
CloseClipboard
ClientToScreen
SetWindowPos
MessageBeep
LoadImageA
MessageBoxA
LoadMenuA
DestroyMenu
IsWindow
GetMenu
SetMenu
LoadStringA
SetWindowTextA
DestroyWindow
SetMenuDefaultItem
GetMenuItemInfoA
SetMenuItemInfoA
PostMessageA
GetActiveWindow
ReleaseDC
GetDC
IsClipboardFormatAvailable
IsWindowVisible
TranslateAcceleratorA
SendMessageA
GetParent
SetFocus
GetWindowRect
CallWindowProcA
DefWindowProcA
GetClientRect
FillRect
SetRect
PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA
ShowWindow
InsertMenuA
UnregisterClassA

gdi32

LineTo
DeleteDC
RestoreDC
SaveDC
SetBkMode
SetTextColor
GetDeviceCaps
CreateDCA
PlayEnhMetaFile
OffsetWindowOrgEx
GetEnhMetaFileHeader
SetViewportOrgEx
MoveToEx
CreateFontIndirectA
SelectClipRgn
CombineRgn
CreateRectRgnIndirect
SetBrushOrgEx
SetBkColor
PatBlt
CreateCompatibleBitmap
CreateBitmap
CreatePatternBrush
CreateDIBSection
DeleteObject
StretchBlt
SelectObject
BitBlt
CreateCompatibleDC
DeleteEnhMetaFile
CloseEnhMetaFile
CreateEnhMetaFileA
GetStockObject
EndDoc
AbortDoc
EndPage
StartPage
ResetDCA
GetObjectA
StartDocA

winspool.drv

ClosePrinter
OpenPrinterA
GetPrinterA

comdlg32

PrintDlgA
GetOpenFileNameA
GetSaveFileNameA
PageSetupDlgA

advapi32

RegQueryValueExA
RegOpenKeyExA
RegDeleteValueA
RegSetValueExA
RegCreateKeyExA
RegDeleteKeyA
RegEnumKeyExA
RegQueryInfoKeyA
RegCloseKey

ole32

CoTaskMemFree
CoTaskMemAlloc
CoTaskMemRealloc
CoCreateInstance

oleaut32

VarUI4FromStr

Exports

Exports

DllRegisterServer

Sections

.text
Size: 183KB - Virtual size: 182KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

673e6604008da3fe065f3363f8a3b4cd

Headers

File Characteristics

Imports

comctl32

kernel32

user32

gdi32

winspool.drv

comdlg32

advapi32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 183KB - Virtual size: 182KB

.rdata Size: 28KB - Virtual size: 28KB

.data Size: 60KB - Virtual size: 67KB

.rsrc Size: 76KB - Virtual size: 76KB

.reloc Size: 13KB - Virtual size: 12KB

.text
Size: 183KB - Virtual size: 182KB

.rdata
Size: 28KB - Virtual size: 28KB

.data
Size: 60KB - Virtual size: 67KB

.rsrc
Size: 76KB - Virtual size: 76KB

.reloc
Size: 13KB - Virtual size: 12KB